﻿// Decompiled with JetBrains decompiler
// Type: Microsoft.InfoCards.InfoCardServiceClientCredentials
// Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
// MVID: 8E14765A-6610-409A-BA36-099A0642905D
// Assembly location: E:\git\ALLIDA\windll\infocard.exe

using Microsoft.InfoCards.Diagnostics;
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.ServiceModel;
using System.ServiceModel.Description;
using System.ServiceModel.Dispatcher;
using System.ServiceModel.Security.Tokens;

namespace Microsoft.InfoCards
{
  internal class InfoCardServiceClientCredentials : ClientCredentials
  {
    private InfoCard m_card;
    private TokenFactoryCredential m_credentials;
    private bool m_isSelfIssued;
    private ProtocolProfile m_protocolProfile;
    private RSATokenProvider m_endorsingSigTokenProvider;

    public InfoCardServiceClientCredentials(TokenFactoryCredential creds, ProtocolProfile profile)
    {
      this.m_credentials = creds;
      this.m_protocolProfile = profile;
    }

    public InfoCardServiceClientCredentials(
      InfoCardServiceClientCredentials other,
      ProtocolProfile profile)
      : base((ClientCredentials) other)
    {
      this.m_credentials = other.m_credentials;
      this.m_endorsingSigTokenProvider = other.m_endorsingSigTokenProvider;
      this.m_protocolProfile = profile;
    }

    public InfoCard SelectedCard
    {
      get
      {
        return this.m_card;
      }
      set
      {
        this.m_card = value;
      }
    }

    public bool IsSelfIssuedCred
    {
      get
      {
        return this.m_isSelfIssued;
      }
      set
      {
        this.m_isSelfIssued = value;
      }
    }

    public RSATokenProvider EndorsingSignatureTokenProvider
    {
      get
      {
        return this.m_endorsingSigTokenProvider;
      }
      set
      {
        this.m_endorsingSigTokenProvider = value;
      }
    }

    public ProtocolProfile ProtocolVersionProfile
    {
      get
      {
        return this.m_protocolProfile;
      }
    }

    protected override ClientCredentials CloneCore()
    {
      return (ClientCredentials) new InfoCardServiceClientCredentials(this, this.m_protocolProfile);
    }

    public override void ApplyClientBehavior(
      ServiceEndpoint serviceEndpoint,
      ClientRuntime behavior)
    {
    }

    public override SecurityTokenManager CreateSecurityTokenManager()
    {
      return (SecurityTokenManager) new InfoCardServiceClientCredentials.InfoCardServiceClientCredentialsSecurityTokenManager(this);
    }

    private class InfoCardServiceClientCredentialsSecurityTokenManager : ClientCredentialsSecurityTokenManager
    {
      private InfoCard m_card;
      private TokenFactoryCredential m_credentials;
      private ProtocolProfile m_protocolProfile;

      public InfoCardServiceClientCredentialsSecurityTokenManager(
        InfoCardServiceClientCredentials creds)
        : base((ClientCredentials) creds)
      {
        this.m_card = creds.SelectedCard;
        this.m_credentials = creds.m_credentials;
        this.m_protocolProfile = creds.ProtocolVersionProfile;
      }

      public override SecurityTokenProvider CreateSecurityTokenProvider(
        SecurityTokenRequirement tokenRequirement)
      {
        if (tokenRequirement == null)
          throw InfoCardTrace.ThrowHelperArgumentNull(nameof (tokenRequirement));
        string tokenType = tokenRequirement.TokenType;
        bool flag = null != ((InfoCardServiceClientCredentials) this.ClientCredentials).EndorsingSignatureTokenProvider;
        if (this.IsIssuedSecurityTokenRequirement(tokenRequirement))
        {
          if (this.m_credentials.CredentialType != TokenFactoryCredentialType.SelfIssuedCredential)
            throw InfoCardTrace.ThrowHelperError((Exception) new TokenCreationException(SR.GetString("CardDoesNotMatchRequiredAuthType")));
          IssuedSecurityTokenParameters property1 = tokenRequirement.GetProperty<IssuedSecurityTokenParameters>(ServiceModelSecurityTokenRequirement.IssuedSecurityTokenParametersProperty);
          EndpointAddress property2 = tokenRequirement.GetProperty<EndpointAddress>(ServiceModelSecurityTokenRequirement.TargetAddressProperty);
          if (property1.IssuerAddress != (EndpointAddress) null && Utility.CompareUri(property1.IssuerAddress.Uri, XmlNames.WSIdentity.SelfIssuerUriValue))
            return (SecurityTokenProvider) new CustomTokenProvider(property1, this.m_card, property2, ((InfoCardServiceClientCredentials) this.ClientCredentials).IsSelfIssuedCred, this.m_protocolProfile);
          throw InfoCardTrace.ThrowHelperError((Exception) new TokenCreationException(SR.GetString("InvalidIssuerForIssuedToken")));
        }
        if (tokenType == SecurityTokenTypes.X509Certificate)
        {
          if (tokenRequirement.KeyUsage != SecurityKeyUsage.Signature)
            return base.CreateSecurityTokenProvider(tokenRequirement);
          if (this.m_credentials.CredentialType != TokenFactoryCredentialType.X509CertificateCredential)
            throw InfoCardTrace.ThrowHelperError((Exception) new TokenCreationException(SR.GetString("CardDoesNotMatchRequiredAuthType")));
          return (SecurityTokenProvider) new RemoteCryptoTokenProvider(this.ClientCredentials.ClientCertificate.Certificate);
        }
        if (tokenType == ServiceModelSecurityTokenTypes.MutualSslnego)
        {
          if (this.m_credentials.CredentialType != TokenFactoryCredentialType.X509CertificateCredential)
            throw InfoCardTrace.ThrowHelperError((Exception) new TokenCreationException(SR.GetString("CardDoesNotMatchRequiredAuthType")));
          return base.CreateSecurityTokenProvider(tokenRequirement);
        }
        if (tokenType == ServiceModelSecurityTokenTypes.AnonymousSslnego)
          return base.CreateSecurityTokenProvider(tokenRequirement);
        if (tokenType == ServiceModelSecurityTokenTypes.SecureConversation)
          return base.CreateSecurityTokenProvider(tokenRequirement);
        if (tokenType == SecurityTokenTypes.Kerberos || tokenType == ServiceModelSecurityTokenTypes.Spnego)
        {
          if (this.m_credentials.CredentialType != TokenFactoryCredentialType.KerberosCredential)
            throw InfoCardTrace.ThrowHelperError((Exception) new TokenCreationException(SR.GetString("CardDoesNotMatchRequiredAuthType")));
          return base.CreateSecurityTokenProvider(tokenRequirement);
        }
        if (tokenType == SecurityTokenTypes.UserName)
        {
          if (this.m_credentials.CredentialType != TokenFactoryCredentialType.UserNamePasswordCredential)
            throw InfoCardTrace.ThrowHelperError((Exception) new TokenCreationException(SR.GetString("CardDoesNotMatchRequiredAuthType")));
          return base.CreateSecurityTokenProvider(tokenRequirement);
        }
        if (tokenType == ServiceModelSecurityTokenTypes.SspiCredential)
        {
          if (this.m_credentials.CredentialType != TokenFactoryCredentialType.KerberosCredential && this.m_credentials.CredentialType != TokenFactoryCredentialType.UserNamePasswordCredential)
            throw InfoCardTrace.ThrowHelperError((Exception) new TokenCreationException(SR.GetString("CardDoesNotMatchRequiredAuthType")));
          return base.CreateSecurityTokenProvider(tokenRequirement);
        }
        if (tokenType == SecurityTokenTypes.Rsa && flag)
          return (SecurityTokenProvider) ((InfoCardServiceClientCredentials) this.ClientCredentials).EndorsingSignatureTokenProvider;
        return base.CreateSecurityTokenProvider(tokenRequirement);
      }
    }
  }
}
